shiherlis's profile
Advocate

Advocate

 • 

635 Messages

Fri, Oct 1, 2021 10:36 PM

App Login Issue

I checked my app to see when the system was turned off and had to sign in (the last time I used the app, I was signed in). After pressing the "Sign In" button, I encountered the following message:

"Your connection is not private

Attackers might be trying to steal your information from auth.simplisafe.com (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_AUTHORITY_INVALID

To get Chrome's highest level of security, turn on enhanced protection"

When I clicked Advanced, I saw the following:

"auth.simplisafe.com normally uses encryption to protect your information. When Chrome tried to connect to auth.simplisafe.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be auth.simplisafe.com, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Chrome stopped the connection before any data was exchanged.

You cannot visit auth.simplisafe.com right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."

I did not sign in. Is anyone else experiencing this problem? The app is updated (4.3.0 Android), Chrome is updated, and I am on my home Wi-Fi network. I was able to sign in on my computer without encountering the error (with Chrome). I am at a loss. I do not know if it is a SimpliSafe issue or not. There is no chance my phone has any malware, spyware, or viruses.

Accepted Solution

Advocate

 • 

417 Messages

Il y a 10 m

First, what mobile OS are you running and what version? If it's an older Android version I suspect it's more likely the root CA expiration is the cause of your issues.

Second, proceed at your own risk with this. There's very little risk (arguably none, actually) in disabling a root CA that has expired but you have to decide if you want to give it a go or not. You can always re-enable afterwards.

On Android please check the following:

Open Settings application
Select Security
Select Encryption & Credentials
Select Trusted Credentials
Scroll down and look for the following:

"Internet Security Research Group / ISRG Root X1"

Make sure this certificate exists and then click on it and confirm the expiration date is some date in the future. This is the new certificate that replaced the one that expired on 09/30.

While you're in this menu, check for this certificate as well:

"Digital Signature Trust Co. / DST Root CA X3"

Click on that certificate and you should see the expiration date was September 30, 2021. You can disable this certificate, reboot your device and try again to see if it helps. I've seen instances in WIndows where the presence of this certificate caused issues so disabling it to test might be worth your time.

If you're on Apple, I got nothing for you but maybe someone else can chime in or you can Google how to find and check the CA stores.

Advocate

 • 

635 Messages

Worthing, I think you have identified the problem. I thought I was running 11.0, but I am running Android 10.0 with very few OS independent apps (I have just three outside of Google apps I utilize - one of which is SimpliSafe). At the same time, I see "Digital Signature Trust Co. / DST Root CA X3," but "Internet Security Research Group / ISRG Root X1" is not listed.

Thank you for taking the time to help out, as you certainly did not have to. I wonder if others who are not running the latest version of Android are limited in the app sign-in and have experienced the same issue.

I genuinely appreciate your assistance.

Advocate

 • 

635 Messages

Il y a 10 m

Within ten minutes of posting this, I got a notification for a new SimpliSafe app update (4.4.0). But, unfortunately, it did not remedy the problem.

Advocate

 • 

417 Messages

Il y a 10 m

I can't say for sure that this is related but there was a major root certificate that expired on 09/30 and many many sites had issues as a result. I wouldn't be surprised if this was related to your issues but I can't say for sure.

More info at https://www.darkreading.com/risk/companies-face-issues-as-let-s-encrypt-root-certificate-expires if you're interested.

Advocate

 • 

635 Messages

Thank you for that link, Worthing. I had a feeling that could be the potential issue as it has not cleared on its own.

(Either that or Chrome on my phone is the problem - Google updated it on 9/30/21)

I will have to wait it out and not utilize the app. Once Johnny M. leaves the building forums for the weekend, it will not be seen by anyone at SimpliSafe until Monday (at the earliest). I could call but doubt a CS Rep would have the ability to report the glitch AND get resolution. Again, I am uncertain SimpliSafe has anyone working on such things on weekends.

Advocate

 • 

635 Messages

Il y a 10 m

I bypassed the app's authorization issue by going to the site via the browser on my phone (independent of the app - simplisafe.com as opposed to auth.simplisafe.com). Logging into my account through there allowed me to open the app then, and it worked after verifying the device via email. That last part, I am unsure if that happens each time you have to sign in to the app, but I do not believe so (I cannot recall).

Community Admin

 • 

2.9K Messages

Il y a 10 m

Hi Shiherlis,

Glad to hear that you were able to get logged in after all. Worthing might have been on the right track with that issue relating to the root certificate. We haven't gotten reports of this being widespread, so our site wizards might have already gotten the issue resolved. Are you still seeing the issue when trying to log into the app? Keep me updated!

- Johnny M.
SimpliSafe Home Security

Advocate

 • 

635 Messages

Il y a 10 m

Thank you for the response, Johnny. Unfortunately, the error remains (i.e., I logged out and attempted to sign in again via the app only).

Update: I went into the site via my browser on my phone again, signed in, and when I went into the app, it gave the following error message:

"CONNECTION ERROR

The SimpliSafe App is temporarily unavailable
Your home is still secure. App availability does not affect your system or monitoring service. Please try again later."


Logout"

The error was after I was signed into it from my Saturday workaround. So I exited the app, immediately reaccessed it, and received the regular sign-in prompt (within the app itself). This time, the sign-in behaved as it should. So I will leave it alone until later and then test it again, so I do not have any issues while away from home.

Additionally, when trying to reply to your message, Johnny, I encountered the following forum error numerous times:

"403 ERROR

The request could not be satisfied.

Request blocked. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.


Generated by cloudfront (CloudFront)
Request ID: 17y20DNpDawKRZEjWiA6nAHC3SikzRvmxNevfsaCZAiA4PtVbE799A=="


I have experienced SimpliSafe errors galore over the past few days.

(edited)

Advocate

 • 

417 Messages

Il y a 10 m

No problem - I'm glad I could help provide some guidance on tracking down what might be the root cause. (And while I'm not 100% sure this is the root cause, it's definitely looking more and more like it.)

but "Internet Security Research Group / ISRG Root X1" is not listed


This is definitely a bigger issue than the other expired certificate still hanging around and may cause issues with all kinds of services as this is definitely not a SimpliSafe specific problem.

I'm a little surprised the root CAs for Android 10 don't include the certificate above. Actually, more than a little surprised. When I said "older" above I was thinking Android 8/9 kind of old.

I'm not aware of a way to force a refresh of available root CAs for Android w/o rooting your device by the way. You can probably secure a copy of the certificate and manually import it but I would proceed with extreme caution here. If you import the wrong certificate as a trusted CA you could open yourself to a host of the most serious kinds of security issues.

I'll do some more digging when I have free time and let you know if I find anything.

Il y a 10 m

@Worthing, you were right about the root certificate, it's effecting a lot of Mac systems. I think iOS 10.11 and less. about half of the sites I've gone to in the last few days were giving me errors. I was finally able to find how to add a new certificate and my browsers are working now.

@Johnny M I wasn't able to log onto to the SimpliSafe forums until I manually installed a new certificate, so that maybe why you haven't heard from many people that are having the problem, that can't log on! I spent the last several hours troubleshooting my browsers (because that's what I assumed the problem was) Luckily I found Worthing's post

Advocate

 • 

417 Messages

Il y a 10 m

@whyAMiStillTaLkIng,

Glad you found the post helpful!

The only issue I've found related to the root CA expiration was with a WIndows 10 system and a web service I use. In that case, the new root CA was there but the presence of the old and expired root CA was an issue. Once I (backed it up first) and deleted the old certificate everything worked just fine.

There will be different fixes for different systems and services which makes troubleshooting and fixing even more challenging.

Il y a 10 m

@Worthing

Yes Windows systems, I believe going back to XP SP3, will update their root certificates. But that is a newer feature for Macs, that Apple added only to a few of their most recent operating systems.

Advocate

 • 

635 Messages

Il y a 10 m

I upgraded to Android 11.0, and it solved the problem, though my car app no longer works (so I had better not lose my key while out, and I cannot remote start any longer). I suppose you cannot have your cake and eat it too. Maybe it will work again with the next MB update. The certificate problem was my primary concern.

Again, thank you for all of your help, Worthing. I doubt I would have figured it out. I am uncertain as to why the Root CA was missing. Perhaps with some spare time on my hands, I will research it.

Advocate

 • 

417 Messages

Il y a 10 m

though my car app no longer works


Yikes. Sorry to hear about this. Is the app not compatible with Android 11? That seems really unlikely so maybe purge the cache, reinstall, reboot, etc. and contact support.

In this instance you should be able to have your cake and eat it too.

6 Messages

Il y a 10 m

I'm having the same certificate issue. Disabling the "Digital Signature Trust Co. / DST Root CA X3" certificate did not help, and I don't have the "Internet Security Research Group / ISRG Root X1" certificate.

I'm running Android 7.0 because my phone is several years old and doesn't support any newer versions.

Any news on other fixes/workarounds?

Captain

 • 

4.6K Messages

Il y a 10 m

@simplisafe_ADFFPN Johnny M had a post in another thread that iOS 12 was no longer supported.  It may be that Android 7 faced the same fate.  SS, what is the minimum spec required for the Anddroid app?

Advocate

 • 

108 Messages

Il y a 10 m

Android 7.0 is the minimum.
It was at the bottom of the iOS post.